Manufacturer of smart headphones Bose accused of tapping their customers

Bose is one of the largest manufacturers of smart devices in the world. The same company is constantly expanding its “Internet of Things” ecosystem. Such devices and services are all good, the only thing is that they are vulnerable to hacking. For example, the same Mirai botnet uses smart gadgets to form its network. But in this case we are talking about cybercriminals. Could it be that the manufacturer of smart devices decides to spy on its own users? At first glance, the idea is rather ridiculous. But as it turned out, anything is possible in this world.

In the US, one of the users of Bose smart headphones from the company accuses the company of illegally receiving information on the Internet about the audio recordings of its users, who listen to them, in fact, it is about constant monitoring. Plaintiff Kyle Zack claims that the company illegally obtains personal user data using the Bose Connect application. It must be installed in order to be able to control the functions of Bose wireless devices. Everything would be fine, but this application, as Zak says, has undocumented functions, namely, sending user data to the company's server.

As already mentioned, we are talking about audio materials that listens to the user. According to the plaintiff, they can be used to identify the interests of a person who has been using headphones for a certain time. “For example, a person who listens to Muslim prayers with a high degree of probability is a Muslim. The person who listens to audiobooks, where the topic of sexual minorities is touched upon, most likely belongs to one of them, and the person who listens to medical materials about HIV is most likely either sick or working in the medical field. None of the buyers of the respondent could assume that this data could be recorded and sent to a third party for analysis, ”the statement of claim says .

The plaintiff states that in addition to audio, Bose also collects registration data of its users, including the serial numbers of the devices. And then, using this information, the company tracks in real time what one person or another is listening to or not. Moreover, private data is also sent by Bose to such companies as Segment.io, which work with advertising agencies of doubtful sense. As for the monitoring devices, these are QuietComfort 35, SoundSport Wireless, SoundSport Pulse Wireless, QuietControl 30, SoundLink Around-Ear Wireless Headphones II, and SoundLink Color II headphones.
')
Zak claims that the company began to monitor its customers, starting in 2016. Then a new feature was introduced that allowed users to control their devices remotely using smartphones. For this purpose, and serves as the application Bose Connect, which can be downloaded from the App Store and Google Play.

According to the plaintiff, Bose uses this software to continuously collect data that is transmitted to the company's smart devices from smartphones and other devices synchronized with the defendant’s products.

It is not yet known how true the information provided by the plaintiff is, but remembering how advanced cyber espionage is now, there is nothing improbable in this case. Users are led (or led) by Vizio, Samsung, Microsoft, Google, Yahoo (referring to different cases of intentionally or accidentally collecting information about their users) organizations like the CIA, the NSA, law enforcement agencies from different countries.



The plaintiff did not study the Bose software himself, but with the help of the law firm Edelson, which specializes in technology and cases of violation of the human right to privacy. Now the company and the plaintiff will have to visually show the court exactly how the software from Bose, which is responsible for espionage, works.

Probably, Bose lawyers will prove in court the innocence of the company, explaining what happened with the transfer of non-sensitive data to the company's servers, including information about the author of the melody heard, the name of the song, etc. Edelson lawyers, in turn, are confident that not only the melody metadata, but also the user's personal data, as well as fragments of the melody heard, are transmitted to the Bose server.